Microsoft held its third invitation-only Blue Hat Security Briefings event last week and after some initial reluctance is planning to publicly release the proceedings. Ryan Naraine:
After first refusing to share any details on the third “Blue Hat” hacker briefings held in Redmond earlier this month, Microsoft has loosened up and launched a new blog and a TechNet site with the skinny on what was discussed.
The Spring 2006 version of the
secretinvitation-only security powwow featured a Who’s Who of respected hackers/researchers, including NGS Software’s David Litchfield, Metasploit’s HD Moore, Sabre Security’s Halvar Flake and Alexander Kornbrust from Red-Database-Security.
Microsoft has also promised to post video and podcasts of the individual speakers on the new TechNet site.
Robert McMillan has more details at Infoworld including this background:
Microsoft started the Blue Hat briefings a year ago to begin dialogue between the company’s security team and external security researchers, many of whom have been critical of the company’s approach to security. A handful of outside security researchers spend a few days at Blue Hat discussing Microsoft’s security vulnerabilities with several hundred of the company’s engineers and executives.
There were more than 650 attendees at Blue Hat 3, which was also broadcast to Microsoft employees worldwide, according to Alexander Kornbrust, a business director at Red-Database-Security, in Neunkirchen, Germany, who attended the event.